Bitdefender’s Bogdan Botezatu tells CBR why security should sit at the core of hyperconvergence.
Hyperconvergence — still a relatively new trend in the data centre space, but one that is already dramatically changing the way in which enterprises manage and maintain their IT infrastructures. Not only does it reduce cost over traditional infrastructure, but it also helps to achieve greater scalability, allowing easier management of a company’s IT environment.
According to data from research firm Gartner, the market for hyperconverged integrated systems jumped 79% to nearly $2 billion in 2016, accelerating the technology into mainstream use within the next five years.
The idea behind hyperconvergence is the simplification of the operation and management of data centres by combining the computing. storage and networking components of the data centre into a single, software-driven appliance. The simplification comes from the fact that the technology providing this capability comes from a single vendor.
As with so many other technological developments of recent years, the emergence of hyperconvergence introduces cyber security issues and challenges for organisations. Certainly, enterprise IT decision makers will need to get up to speed on security in the age of hyperconvergence before wading in and buying up solutions.
Unique environment, unique challenges
First things first, any organisation that thinks security does not need to change in a hyperconverged environment risks putting their data and systems reliability at risk.
Some of the security challenges that hyperconvergence raises are inherited from the very reasons why it will be so popular: performance and agility. To be effective in this type of setting, security solutions must understand the hosting environment so that performance can be maximised without the loss of security functionality.
Agility is a critical feature that must be embedded in the security layer in order to cope with the rapid changes of software-defined environments. New security models need to be as flexible as the underlying infrastructure, and security must be able to support IT infrastructures that are automated and quickly spun up and spun down as required.
Traditional security architectures are not used to this, and have full-scale agents running on each endpoint, which in turn will cause major performance drops in hyperconverged environments. The modern data centre therefore requires new security architectures with a light agent, or no agent at all, running on virtualised endpoints.
Security 2.0 for the hyperconverged
IT decision makers should look for centralised security solutions that are enablers, rather than detractors, of the major shifts now underway in the data centre space such as hyperconvergence, software-defined data centres and the hybrid cloud. Such products are available today, and enterprises need to look for certain key capabilities when evaluating these offerings.
For one thing, the solution needs to be built from the ground up for virtualisation and cloud environments. That includes offering anti-malware protection for virtual machines, optimising not only consolidation ratios but also operational costs.
It should also be designed as an enterprise solution that is capable of supporting the largest data centres. At the same time, integration into a production environment should be simple, and the technology benefits should apply to a virtual environment of any size.
Certain solutions, such as GravityZone from Bitdefender, rely on an adaptive, layered protection that’s powered by machine learning technology to provide efficacy. It works to predict, prevent, detect and remediate known and unknown threats, and protects organisations from advanced attacks. Although optimised for virtualisation, the solution does not make any compromises on protecting the entire data centre, including physical servers, desktops, laptops or mobile devices that are part of the environment.
A key consideration when looking at any security solution for a hyperconverged data centre is whether the solution has been tested to see what kind of impact it has on applications running in virtualised environments. The impact on performance should be minimal. Otherwise, the benefit of strong security will be offset by the lower level of performance in the data centre, something that no business user will be happy with.
Also important is whether the solution provides optimised security on all of the major virtualisation platforms, including VMware, Citrix, Microsoft Hyper-V, KVM and Oracle, and in any combination of environments such as private clouds, public clouds and hybrid clouds.
The point is that security in this new environment needs to provide universal coverage, and to do that it has to be vendor independent and coexist smoothly in most heterogeneous virtualisation environments.
Digital transformation without worry
Hyperconvergence technologies offer enterprises a unique opportunity to transform their data centres, turning them into more efficient and higher performing IT assets that support the move to digital business.
At the same time, companies naturally need to maintain a high level of data protection in this new environment, but those efforts should not get in the way of what makes hyperconvergence—and the software-defined data centre — such valuable resources.
IT organisations should be focusing on the activities that deliver value for business customers and not on deploying and managing security controls. The right security solutions should follow naturally the evolution of data centre infrastructure, accommodating the changes happening in the environment, without compromising the security posture.
Security solutions that consolidate all controls on a single console, and combine simplified deployment and administration of security policies to help streamline IT operations while improving compliance, enable organisations to fully reap the benefits of hyperconverged data centres.
These solutions can provide a blueprint for achieving a secure hyperconverged environment. They allow technology leaders to focus on maintaining an IT architecture that delivers a better return on investment, enables agile service provisioning, and easily scales as the business grows.